package com.yindian.cos.easy.security.authentication.login.normal.form;

import com.yindian.cos.easy.security.authentication.login.normal.AbstractLoginAuthentication;
import com.yindian.cos.easy.security.exception.NullPasswordException;
import com.yindian.cos.easy.security.exception.NullUsernameException;
import com.yindian.cos.easy.security.exception.NullVerificationCodeException;
import com.yindian.cos.easy.security.properties.EasySecurityProperties;
import com.yindian.cos.easy.security.properties.FormLoginProperties;
import lombok.extern.log4j.Log4j2;
import org.apache.commons.lang3.StringUtils;

import javax.servlet.http.HttpServletRequest;

/**
 * 表单登录拦截器
 *
 * @author zhangchuanhao
 * @create 2018/11/18
 */
@Log4j2
public class FormLoginLoginAuthentication extends AbstractLoginAuthentication {

    private final FormLoginProperties formLoginProperties;

    private final String loginUrl;

    private final String method;

    private final String usernameParameterName;

    private final String passwordParameterName;

    private final boolean verificationCodeEnable;

    private final String verificationCodeParameterName;

    public FormLoginLoginAuthentication(EasySecurityProperties easySecurityProperties, FormLoginUserService userService) {
        super(userService);
        this.formLoginProperties = easySecurityProperties.getForm();
        this.loginUrl = formLoginProperties.getLoginUrl();
        this.method = formLoginProperties.getMethod();
        this.usernameParameterName = formLoginProperties.getUsernameParameterName();
        this.passwordParameterName = formLoginProperties.getPasswordParameterName();
        this.verificationCodeEnable = formLoginProperties.getVerificationCodeEnable();
        this.verificationCodeParameterName = formLoginProperties.getVerificationCodeParameterName();
    }

    @Override
    public boolean support(HttpServletRequest request) {
        String requestUrl = request.getRequestURI();
        String requestMethod = request.getMethod();
        // 验证地址是否匹配
        if (loginUrl.equals(requestUrl)) {
            // 验证方法是否匹配
            if (StringUtils.equalsIgnoreCase(method, requestMethod)) {
                log.debug("执行拦截过滤器{}", this.getClass().getSimpleName());
                // 验证用户名
                String username = request.getParameter(usernameParameterName);
                if (StringUtils.isBlank(username)) {
                    throw new NullUsernameException("表单登录用户名不能为空");
                }
                // 验证密码
                String password = request.getParameter(passwordParameterName);
                if (StringUtils.isBlank(password)) {
                    throw new NullPasswordException("表单登录密码不能为空");
                }
                // 验证验证码
                if (verificationCodeEnable) {
                    String verificationCode = request.getParameter(verificationCodeParameterName);
                    if (StringUtils.isBlank(verificationCode)) {
                        throw new NullVerificationCodeException("表单登录验证码不能为空");
                    }
                }
                return true;
            }
        }
        return false;
    }

    @Override
    public int order() {
        return formLoginProperties.getOrder();
    }
}
